jinql
/
webssh
mirror of https://github.com/huashengdun/webssh
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Tested app with 403 and 404 requests

pull/38/head
Sheng 2018-10-16 14:51:15 +08:00
parent e94c846379
commit af60cd1cd5
2 changed files with 46 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
tests/test_app.py
View File

@ -561,3 +561,47 @@ class TestAppWithRejectPolicy(OtherTestBase):
self.assertIsNone(data['encoding']) self.assertIsNone(data['encoding'])
message = 'Connection to {}:{} is not allowed.'.format(self.body['hostname'], self.sshserver_port) # noqa message = 'Connection to {}:{} is not allowed.'.format(self.body['hostname'], self.sshserver_port) # noqa
self.assertEqual(message, data['status']) self.assertEqual(message, data['status'])
class TestAppWithTrustedStream(OtherTestBase):
tdstream = '127.0.0.2'
def test_with_forbidden_get_request(self):
response = self.fetch('/', method='GET')
self.assertEqual(response.code, 403)
self.assertIn(b'403: Forbidden', response.body)
def test_with_forbidden_post_request(self):
response = self.fetch('/', method='POST', body=urlencode(self.body),
headers=self.headers)
self.assertEqual(response.code, 200)
self.assertIn(b'"status": "Forbidden"', response.body)
def test_with_forbidden_put_request(self):
response = self.fetch('/', method='PUT', body=urlencode(self.body),
headers=self.headers)
self.assertEqual(response.code, 403)
self.assertIn(b'403: Forbidden', response.body)
class TestAppNotFoundHandler(OtherTestBase):
def test_with_not_found_get_request(self):
response = self.fetch('/pathnotfound', method='GET')
self.assertEqual(response.code, 404)
self.assertEqual(response.headers['Server'], 'TornadoServer')
self.assertIn(b'404: Not Found', response.body)
def test_with_not_found_post_request(self):
response = self.fetch('/pathnotfound', method='POST',
body=urlencode(self.body), headers=self.headers)
self.assertEqual(response.code, 404)
self.assertEqual(response.headers['Server'], 'TornadoServer')
self.assertIn(b'404: Not Found', response.body)
def test_with_not_found_put_request(self):
response = self.fetch('/pathnotfound', method='PUT',
body=urlencode(self.body), headers=self.headers)
self.assertEqual(response.code, 404)
self.assertEqual(response.headers['Server'], 'TornadoServer')
self.assertIn(b'404: Not Found', response.body)

4
webssh/handler.py
View File

@ -54,7 +54,7 @@ class MixinHandler(object):
lst = context.trusted_downstream lst = context.trusted_downstream
if lst and ip not in lst: if lst and ip not in lst:
logging.info( logging.warning(
'IP {!r} not found in trusted downstream {!r}'.format(ip, lst) 'IP {!r} not found in trusted downstream {!r}'.format(ip, lst)
) )
return True return True
@ -62,7 +62,7 @@ class MixinHandler(object):
if context._orig_protocol == 'http': if context._orig_protocol == 'http':
ipaddr = to_ip_address(ip) ipaddr = to_ip_address(ip)
if not ipaddr.is_private: if not ipaddr.is_private:
logging.info('Public non-https request is forbidden.') logging.warning('Public non-https request is forbidden.')
return True return True
def set_default_headers(self): def set_default_headers(self):